In production environment, when CSP rules are not explicitely set, the monaco editor fails to load - the Workflow page does not show the workflow definition.

Browser console log:

index.js:86 Refused to load the script 'https://cdn.jsdelivr.net/npm/monaco-editor@0.43.0/min/vs/loader.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://cdn.segment.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

This is not happening in dev env.